<?php
include_once 'library/config.php';
include_once 'model/userlist.php';
include_once 'model/stafflistview.php';
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8" />
        <title>后台登录</title>
        <link href="css/reset.css" rel="stylesheet" type="text/css" />
        <link href="css/login.css" rel="stylesheet" type="text/css" />
        <script type="text/javascript">
            if (self !== top)
            {
                top.location = self.location;
            }
        </script>
        <?php
        $req = new HttpRequestHelper();
        $req->request();
        try {
            if ($req["action"] == "login") {
                if ($_COOKIE["admincode"] != $req["validatecode"]) {
                    throw new Exception("验证码错误");
                }
                $entity = new StaffListView();
                if ($entity->select()->where("account=?", array($req["account"]))->get_first_rows()) {
                    if ($entity["pwd"] != md5($req['account'] . $req["pwd"])) {
                        throw new Exception("登录密码不正确！");
                    }
                    setcookie("myid", $entity["myid"]);
                    setcookie("realname", $entity["gongzhonghao"]);
                    setcookie("powerlist", $entity["powerlist1"]);
                    header("location:index.php");
                } else {
                    throw new Exception("用户不存在！");
                }
                echo $entity;
            }
        } catch (Exception $ex) {
            echo '<script type="text/javascript">alert("' . $ex->getMessage() . '");</script>';
        }
        ?>
    </head>
    <body>
        <div id="mainwrap">
            <form method="post">
                <table id="login">
                    <tbody>
                        <tr>
                            <td id="logo">
                                网站管理系统
                            </td>
                        </tr>
                        <tr>
                            <td>
                                <input type="text" placeholder="登录帐号" id="account" name="account" autofocus="true" value="<?php echo $req["account"] ?>" />
                            </td>
                        </tr>
                        <tr>
                            <td>
                                <input type="password" placeholder="登录密码" id="pwd" name="pwd" value="<?php echo $req["pwd"] ?>" />
                            </td>
                        </tr>
                        <tr>
                            <td>
                                <input type="text" placeholder="验证码" name="validatecode" class="w70" maxlength="5" /><img id="valicode" src="admincode.php" />
                            </td>
                        </tr>
                        <tr>
                            <td>
                                <div>
                                    <input type="hidden" name="action" value="login" />
                                    <button type="submit">登录</button>
                                </div>
                            </td>
                        </tr>
                    </tbody>
                </table>
            </form>
        </div>
    </body>
</html>